CVE-2021-0604

Name of the Vulnerable Software and Affected Versions: Android versions 8.1 through 11

Description: The issue is related to a confused deputy in the generateFileInfo function of BluetoothOppSendFileInfo.java, which could allow sharing private files over Bluetooth. This may lead to local information disclosure without requiring additional execution privileges. User interaction is necessary for exploitation.

Recommendations: For Android versions 8.1 through 11, as a temporary workaround, consider restricting Bluetooth file sharing to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.